summaryrefslogtreecommitdiff
path: root/fs/anon_inodes.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-03-09 22:23:01 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2010-03-12 16:25:23 -0800
commit3836a03d978e68b0ae00d3589089343c998cd4ff (patch)
tree8a7e71fa5af7d87784145e14141a997b8a5b6e3f /fs/anon_inodes.c
parent83c0fb6500b13c9b7564fe453b76356dc58415d4 (diff)
downloadlwn-3836a03d978e68b0ae00d3589089343c998cd4ff.tar.gz
lwn-3836a03d978e68b0ae00d3589089343c998cd4ff.zip
anon_inodes: mark the anon inode private
Inotify was switched to use anon_inode instead of its own private filesystem which only had one inode in commit c44dcc56d2b5c7 "switch inotify_user to anon_inode" The problem with this is that now the inotify inode is not a distinct inode which can be managed by LSMs. userspace tools which use inotify were allowed to use the inotify inode but may not have had permission to do read/write type operations on the anon_inode. After looking at the anon_inode and its users it looks like the best solution is to just mark the anon_inode as S_PRIVATE so the security system will ignore it. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/anon_inodes.c')
-rw-r--r--fs/anon_inodes.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index 9f0bf13291e5..2de009565d8e 100644
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -209,6 +209,7 @@ static struct inode *anon_inode_mkinode(void)
inode->i_mode = S_IRUSR | S_IWUSR;
inode->i_uid = current_fsuid();
inode->i_gid = current_fsgid();
+ inode->i_flags |= S_PRIVATE;
inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
return inode;
}